How integrated and automated cyber security can reduce small business costs

If you’ve ever been to a nightclub, then you’ve probably encountered a bouncer or two. They’re there for a good reason: a keen eye and some good protection are the key to keeping party guests in line.

Automated cyber security operates on your systems much like bouncers at a party or a nightclub do: it makes sure only invited guests are allowed in and monitors everyone in case of trouble, quickly ejecting an offending party and ensuring that everyone else has a great time (aka uninterrupted business growth and profitability).

Specialised cyber security

In this analogy, our party has bouncers that are specialised in spotting and countering different threats. We take a look at three of them, along with their cyber security solution counterparts.

Bouncers who block threatening guests from entering

In a party scenario, this bouncer would be stationed at the door, denying entry to people who have the potential to cause trouble (such as those who have had one drink too many).

In the cyber security world, this type of bouncer could be a firewall protecting the perimeter, ransomware protection, which is the ability to block fraudulent email senders, or comprehensive protection against Internet-based threats, such as Cisco Umbrella.

Bouncers who continue to analyse and monitor behaviour to detect malicious patterns

At a party, a bouncer might pick up on a suspicious habit of a guest and watch that guest to see if he poses a threat.

In the cyber-world, it might be a tool that uses machine learning and behavioural modelling to understand who is on the network and what they are doing. It could also mean advanced malware protection for endpoints. Cisco AMP for Endpoints is designed to deal with threats that try to get around traditional endpoint security, and continues to monitor every file and process activity - never losing sight of a file or where it goes. If a file starts to demonstrate malicious behaviour, that file is flagged and can be quarantined in the space of a few clicks.

Bouncers who take quick action once a threat occurs

If a threat does occur, bouncers must have the tools to stop it quickly. That might mean ejecting the patron from a party or, in the case of cyber security, raising an alert that sets more specific actions into motion. AMP for Endpoints is designed to provide a holistic view of all endpoints, regardless of operating system, and to give quick answers to the following questions:

What happened?

Where did the malware come from?

Where has the malware been?

What is the malware doing now?

How do we stop it?

Communication is key to combat cyber security threats

As effective as these types of prevention, detection and remediation solutions are, they are decidedly less effective if they don’t communicate with each other.

Much like bouncers working in a party would be in constant contact with each other via in-ear devices, cyber security solutions must communicate with each other. When solutions work in concert with each other, they can do a much better job of protecting the overall organisation. For example, if a threat is detected at the network perimeter, the entire integrated cyber security system is on high alert for that threat throughout the infrastructure.

And, of course, bouncers should also communicate with their colleagues working at other parties. This way they’ll identify any people trying to crash all the parties in town, or sneak in another way, learn from the shared information about their common behaviour, and become better at spotting them.

Making sure your cyber security tools talk to each other is much easier with an integrated portfolio – one that enables you to add whatever tools you need at any time without worrying about communication between them. For instance, if AMP for Endpoints picks up on a malicious file, it immediately shares this intelligence with both the cloud and the network.

With a fully integrated security solution, a threat to one part of the infrastructure will be protected against throughout the organisation.

The importance of integrated and automated security solutions

Cisco's integrated portfolio includes everything a small business needs to prevent malware, keep hackers away from internal networks and data, and secure cloud-based apps, endpoints and email.

That’s important, because the bigger the party, the more bouncers you will need. So, the bigger the threat, the more human resources you’ll need to keep your small business secure. And that increases the cost or the risk, if you don’t automate.

Automating security will prioritise the immediate and urgent threats for your IT team, leaving the low-level threats to be dealt with by the AI bouncers and focusing your team’s attention on the threats that could actually damage your business.

With a comprehensive and automated approach to security, small businesses can foster customer confidence, focus on growth and reduce costs.

About the Author

I'm the Marketing Storyteller for IT Security for Cisco's UK & Ireland region. That means I spend most of my time researching what those dastardly hackers are up to, and I also have a lot of conversations with my much cleverer research colleagues, in order to create content which seeks to inform people about the current threat landscape against businesses. IT Security is a subject I'm immensely passionate about, and what's most important to me is helping customers protect their livelihoods, and educating users not to leave the back door open.
Outside of Cisco a big part of my life is improvisational comedy - I participate in weekly workshops at The Improvisation Foundation and perform on stage with my lovely fellow workshoppers once a month.
Other than that I'm a big nerd when it comes to movies, as my blogs will no doubt unveil.